Smart locks rendered dumb by automatic update fail

Making dumb things smart can have its benefits, but adding complexity to once-simple devices can also lead to unforeseen problems. It's a lesson smart lock maker LockState is all too aware of, after a clumsily delivered automatic update bricked hundreds of the gizmos, rendering their fancier features like remote locking and unlocking unusable.

As Threatpost explains, LockState pushed an OTA update to its 6000i series smart locks earlier this month that was intended for its 7000i models. This didn't sit well with first-gen 6000i locks, which were subsequently unable to reconnect to the company's web service. This connection is essential for all the smarter features, which include remote access, managing codes for keypad entry and status alerts.

Breaking that link also made "a remote fix impossible," which is the worse part. In a statement to affected customers, LockState is offering two inconvenient paths to resolution. Either send a part of the lock off for repair, which can take up to a week to come back, or wait two weeks or more for the delivery of a replacement lock. The only upside is owners get one free year of access to all those connected services for their trouble.

Roughly 500 locks have been dumbed down by the failed update, according to the company, and it's not the end of the world if you have the old-fashioned key to hand. It's a tad more frustrating for business owners and Airbnb hosts, however, which may rely heavily on remote access and temporary keypad codes. LockState is actually one of Airbnb's partners for its Host Assist program, which features recommended suppliers and services that are supposed to make the whole renting process easier. Around 200 hosts that have purchased LockState's wares are thought to have been affected, the company said.

As more and more devices are becoming WiFi-enabled, smart versions of their former selves, so do the cries of warning around unsecured internet of things things grow louder. These are legitimate worries, of course -- you don't want a hacker unlocking your door remotely, after all -- but there's little you can do when the bricking of hardware is an inside job.